Thursday, April 24, 2014

L2 security – IP Source Guard.

In the last post I presented Dynamic ARP Inspection, the feature
which extends DHCP Snooping security feature on the Cisco switches.
Today I’m going to talk about IP Source Guard, the next feature that
restricts traffic from hosts not presented in the DHCP Snooping binding
table (dynamic or static entries). The feature can validate IP or IP and
MAC addresses.
I’m going to test the feature on the below example: